Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn more

View all

Sign in to view all badges

SOLVED

abort processing of the request

anelem1760873
Level 4
Level 4
Hey there,
 
how do I block/abort processing of the request using  sling filter.
 
Thanks
1 Accepted Solution
markus_bulla_adobe
Correct answer by
Employee
Employee

Hi @anelem1760873!

 

Usually, you would include your filter into the filter chain and override the doFilter() method as @bilal_ahmad outlined in his code example.

Depending on your understanding of how to "block/abort" the request, you could do one of the following:

  • Check for the right condition and send an appropriate HTTP response (e. g. 404 Not Found or any other 4xx or 5xx code that makes sense for your use case) - exactly what @bilal_ahmad mentioned. You can find a simple example of a LoggingFilter [1] in the AEM Maven Archetype [2].
  • Proceed with request processing but skip any additional filters. Probably not what you are looking for.
  • Stop processing all together and not even waste additional computing resources by sending any kind of response. You probably don't want to do that as this may lead to unexpected results.

If your use case is really about blocking and/or dropping incoming requests (e. g. as a protective measure against DoS/DDoS, unwanted crawlers or other clients, etc.) my suggestion would be to stop them at an earlier stage. You could leverage some kind of web application firewall (WAF). Sometimes certain modules for Apache HTTPD do the job (mod_security [3], mod_qos [4] or for simple cases even mod_rewrite [5]).

 

[1] https://github.com/adobe/aem-project-archetype/blob/develop/src/main/archetype/core/src/main/java/co...

[2] https://experienceleague.adobe.com/docs/experience-manager-core-components/using/developing/archetyp...

[3] https://github.com/SpiderLabs/ModSecurity/wiki

[4] http://mod-qos.sourceforge.net/

[5] https://httpd.apache.org/docs/current/mod/mod_rewrite.html

View solution in original post

2 Replies
bilal_ahmad
Level 5
Level 5

Hey @anelem1760873 you can write something this sort in the doFilter() method:

if (resource.getPath().startsWith("/content/pathToBlock/")) {
    if (<right condition>)) {
        <YOUR BUSINESS LOGIC>
    } else {
        slingResponse.sendError(HttpServletResponse.SC_NOT_FOUND);
    }
    return;
}


Thanks,

Bilal.

markus_bulla_adobe
Correct answer by
Employee
Employee

Hi @anelem1760873!

 

Usually, you would include your filter into the filter chain and override the doFilter() method as @bilal_ahmad outlined in his code example.

Depending on your understanding of how to "block/abort" the request, you could do one of the following:

  • Check for the right condition and send an appropriate HTTP response (e. g. 404 Not Found or any other 4xx or 5xx code that makes sense for your use case) - exactly what @bilal_ahmad mentioned. You can find a simple example of a LoggingFilter [1] in the AEM Maven Archetype [2].
  • Proceed with request processing but skip any additional filters. Probably not what you are looking for.
  • Stop processing all together and not even waste additional computing resources by sending any kind of response. You probably don't want to do that as this may lead to unexpected results.

If your use case is really about blocking and/or dropping incoming requests (e. g. as a protective measure against DoS/DDoS, unwanted crawlers or other clients, etc.) my suggestion would be to stop them at an earlier stage. You could leverage some kind of web application firewall (WAF). Sometimes certain modules for Apache HTTPD do the job (mod_security [3], mod_qos [4] or for simple cases even mod_rewrite [5]).

 

[1] https://github.com/adobe/aem-project-archetype/blob/develop/src/main/archetype/core/src/main/java/co...

[2] https://experienceleague.adobe.com/docs/experience-manager-core-components/using/developing/archetyp...

[3] https://github.com/SpiderLabs/ModSecurity/wiki

[4] http://mod-qos.sourceforge.net/

[5] https://httpd.apache.org/docs/current/mod/mod_rewrite.html

View solution in original post